How to Hide HTTP Server Header on Synology NAS

How to Hide HTTP Server Header on Synology NAS

Your Synology security must be the first thing on your mind, especially when you are using Synology NAS as a web server. WordPress is the basis for building a website, and hosting it from home with Synology has never been easier than this. There are websites on the web, like “Sucuri“, that offer free website scans. They can reveal your current Server header in HTTP responses. I honestly don’t like being spied on and I don’t like these sites revealing my HTTP Server header. Privacy is extremely important (with this in mind, also see my previous article on How to Hide PHP Version on Synology NAS). Fortunately, there is a simple way to hide your HTTP server header on Synology. Follow the step by step guide below.

  • STEP 1

Please Support My work by Making a Donation.

  • STEP 2

Go to Control Panel / Network / Connectivity tab / Uncheck Enable the “Server” header in HTTP responses then click Apply.

Synology Hide Nginx Server 1

Now when you do a new scan with “Sucuri“, you should notice that your site’s HTTP Server header is no longer shown, whatever online software or website you may use. Below you can see a before and after screenshot.

BEFORE

synology nginx server revealed

AFTER

synology unknown server

Always remember to Force a Re-scan on the Sucuri page to clear the cache when you scan your website again.

force scan

There’s also another option if you don’t want your server name being revealed. In the screenshot below, below “Enable the ‘Server’ header in HTTP responses”, there’s an option called “Custom ‘Server’ header” followed by a box where normally your server name is. You can type in any word you like (example: a nickname, a number, a meaningless word), then check the “Enable the ‘Server’ header in HTTP responses” and the word you chose to type in will be displayed instead of your server name. As you can see in the screenshot below, I typed in Marius. Follow the instructions in the image below.

Synology Hide Nginx Server 2

If we force a Re-scan with Sucuri, our word of choice (Marius, in my case) will appear instead of the standard server name nginx.

your favorite http server synology
Note: How to Prevent Search Engines From Indexing Your DDNS Address.

This post was updated on Saturday / August 27th, 2022 at 4:11 PM